From 935cbc4653471791227428bb12b7603fbfaaeb8a Mon Sep 17 00:00:00 2001
From: tychovrahe <brunam@seznam.cz>
Date: Thu, 27 Feb 2025 20:06:28 +0100
Subject: [PATCH] feat(core/prodtest): add tamper testing function

---
 core/SConscript.prodtest                      |  1 +
 core/embed/projects/prodtest/README.md        | 11 +++++
 .../projects/prodtest/cmd/prodtest_tamper.c   | 43 +++++++++++++++++++
 3 files changed, 55 insertions(+)
 create mode 100644 core/embed/projects/prodtest/cmd/prodtest_tamper.c

diff --git a/core/SConscript.prodtest b/core/SConscript.prodtest
index a01ec73ba05..da2bcaebb7b 100644
--- a/core/SConscript.prodtest
+++ b/core/SConscript.prodtest
@@ -120,6 +120,7 @@ SOURCE_PRODTEST = [
     'embed/projects/prodtest/cmd/prodtest_reboot.c',
     'embed/projects/prodtest/cmd/prodtest_rgbled.c',
     'embed/projects/prodtest/cmd/prodtest_sdcard.c',
+    'embed/projects/prodtest/cmd/prodtest_tamper.c',
     'embed/projects/prodtest/cmd/prodtest_sbu.c',
     'embed/projects/prodtest/cmd/prodtest_touch.c',
     'embed/projects/prodtest/cmd/prodtest_tropic.c',
diff --git a/core/embed/projects/prodtest/README.md b/core/embed/projects/prodtest/README.md
index b2e04aa5b2c..e94f0bc5377 100644
--- a/core/embed/projects/prodtest/README.md
+++ b/core/embed/projects/prodtest/README.md
@@ -759,6 +759,17 @@ powerctl-hibernate
 OK
 ```
 
+### tamper-read
+Reads the state of the tamper detection inputs.
+Up to 8 inputs can be read, each represented by a single bit in the response.
+A set bit indicates active inputs.
+
+Example:
+```
+tamper-read
+OK 2
+```
+
 ### tropic-get-riscv-fw-version
 
 Reads the version of the RISC-V firmware. The command returns `OK` followed by the version.
diff --git a/core/embed/projects/prodtest/cmd/prodtest_tamper.c b/core/embed/projects/prodtest/cmd/prodtest_tamper.c
new file mode 100644
index 00000000000..260d511852e
--- /dev/null
+++ b/core/embed/projects/prodtest/cmd/prodtest_tamper.c
@@ -0,0 +1,43 @@
+/*
+ * This file is part of the Trezor project, https://trezor.io/
+ *
+ * Copyright (c) SatoshiLabs
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifdef USE_TAMPER
+
+#include <trezor_rtl.h>
+
+#include <rtl/cli.h>
+#include <sys/tamper.h>
+
+static void prodtest_tamper_read(cli_t* cli) {
+  uint8_t val = tamper_external_read();
+
+  cli_ok(cli, "%d", val);
+}
+
+// clang-format off
+
+PRODTEST_CLI_CMD(
+  .name = "tamper-read",
+  .func = prodtest_tamper_read,
+  .info = "Read current status of external tamper inputs",
+  .args = ""
+);
+
+
+#endif